XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Support Radius SSO with HP MSM Controller Series

    Presently it is not possible to utilise Radius SSO with the HP MSM Controller Series.

    Please support the Framed-IP-Address AVP attribute for user authentication.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  2. Network Threat Reports - Links to Tools

    It would be awesome if you could make the link for an Attacker's IP address take us to a place like CentralOps.net or even the built-in tools so we can reverse DNS the IP address to figure out if the threat is credible or not. Also awesome would be the ability to then block that attacker permanently by creating a firewall rule to reject traffic from that specific address with a simple button click.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Device Specific Authentication

    UTM allows us to configure different web profiles where different device-specific authentication can be set.

    This is very useful in environment where BYOD is required and more than one profile is needed.
    So inherit from UTM.

    61 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. Change the port names

    Give us the ability to change the names of the ethernet ports, I can never remember if the WAN is port 1, port 2, or port 3. If we could name them something that indicates their purpose it would be very helpful.

    27 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  5. DHCP Static Assignment from List of Leases

    On the UTM9 you could assign a static lease to a device by clicking on a Make Static button, please add this functionality to the XG.

    41 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  6. Use E-mail Sensitivity header for SPX Encryption

    Rather than require a plugin to encrypt an e-mail can you add the option of using the Sensitivity header which has been around for quite a long time now and is used by your competition (IronPort) to trigger encryption. A simple check box in the setup of the SPX profile will be sufficient. Just seems like you are trying to re-invent the wheel with your Outlook Add-in which in its current state on the UTM won't even install on most computers without an error.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. Allow VLANs to be added to a bridge

    This function was available in UTM 9, but it's missing in the new XG Firewalls. I should be able to create a new vlan and add it to a bridge so that it spans multiple physical interfaces. As it is right now, a new vlan can only be added to a single physical port.

    164 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    15 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  8. Ability to choose which LAN interface IP the captive portal will redirect to.

    Customer's situation is that they have two interfaces with the same LAN type. The problem was that the captive portal keeps redirecting to the wrong interface IP. I asked GES about this and was advised that currently captive portal only redirects to the IP of the first LAN interface, there is no way to manually change the IP it uses. So feature request is the way to go.
    # 5659720

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  9. DLP - keywords

    Please add the ability to encrypt e-mail based on a keyword at the beginning of the Subject of an e-mail like "Secure" or "Confidential" or "Encrypted". This functionality already exists on the SG, can you bring it over to the XG? In lieu of this could you provide more than just a plugin for Outlook? Something for mobile devices? An extension for Thunderbird?

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. Where is the SPX Reply Portal?

    Please add the Reply Portal to the SPX configuration like we had on the SG!

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. WIFI - HOTSPOT - Email authentification with report

    It's was a good idea to create just email authentification in Hotspot and to have report with all mail. Free Wifi is good but a lot of Customer want to have a revenu with free wifi.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. Mail Manager

    Give us a mail manager screen like we had in the UTM 9 SG.

    120 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Web Filter exceptions based on User Agent

    I believe this is related to an existing suggestion:
    http://feature.astaro.com/forums/330219-sophos-xg-firewall/suggestions/10944024-resolve-netflix-streaming-issue

    UTM customers are able to get around Netflix streaming issues using the workaround detailed here: https://www.sophos.com/support/knowledgebase/121646.aspx
    This involves creating an exception for traffic based on its User Agent. There is no option to do this when configuring exceptions in XG as far as I can tell.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. Customize Logo for SPX Portal

    Like the UTM allow for a custom logos to be uploaded and used for the SPX portal page (possibly block pages as well?). This is currently not available when making SPX templates.

    14 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. Download archived Logs

    Archive and download old logs in tgz format like in UTM: Logging and Reporting > View Log Files > Archived Log Files.

    27 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  16. SSL VPN Port modification request

    Hi Sophos XG Firewall Team,

    Need your support to allow the Firewall administrator to configure the SSL VPN port, because most of the networks are not allowing to use 8443 port especially in ISP side.

    It is crucial for all Sophos XG Firewall end customer.

    Regards
    Damodharan..

    13 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  17. Notification Rules

    At the moment no way to customize notification. I receive mail when the WAN gateway is down/up.
    You need to provide us a way to create rules where we can decide when receive notification, alert level (warning, information, critical),who will receive the notification. As soon you integrate SMS, please also allow us to receive SMS (it is an old way) but when the mail does not work....
    I would suggest you to create a panel as the Network Policy Rule rule to manage notification rules.

    352 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    26 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  18. Network Traffic Quota warning via email

    The system should send users an email when 50%, 80% etc. of their cycles Network Traffic Quota is consumed.

    15 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  19. Possibility of modifying the logo in customer portal, as is the entrance to the company. Cheers

    Possibility of modifying the logo in customer portal, as is the entrance to the company.

    Cheers

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  20. Two IPSec Peer on VPN Configuration

    We have more customer with many branches and two or more Internet connection. We want to enable a Singla VPN SA that could be terminated on two differents Peer IPSec Gateway, so we can create a reliable VPN Connection that can use two different Internet connection, depend on what we can specify as first and second Remote Peer VPN.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.